Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

An anonymous reader writes: Rumors of back dooraccess to Skype have plagued the communication software for the better part of a decade. Even if it's not true, Skype is owned by Microsoft, which is beholden to data requests from law enforcement. Because of these issues, a group of developers started work on Tox, which aims to rebuild the functionality of Skype with an emphasis on privacy. "The main thing the Tox team is trying to do, besides provide encryption, is create a tool that requires no central servers whatsoever—not even ones that you would host yourself. It relies on the same technology that BitTorrent uses to provide direct connections between users, so there's no central hub to snoop on or take down."

The idea of backdoors is just convoluted and pointless, it's often a way of perpetuating some illusion of shady corporate and government collusion. Oddly enough the product is used by many different governments and other corporations across the globe so I've never quite understood who the supposed conspirators are - though it is often Microsoft and the US government while the rest of the world are bumbling fools living in ignorance, but these people who tell us all about these back doors (except what they a

AC the backdoor aspect is both national and international
"FBI Wants Backdoors in Facebook, Skype and Instant Messaging" http://www.wired.com/2012/05/f... [wired.com]
".... drafted by the FBI, that would require social-networking sites and VoIP, instant messaging and e-mail providers to alter their code to make their products wiretap-friendly."
Then the world was given more details "Encrypted or not, Skype communications prove ÃoevitalÃ to NSA surveillance" May 14 2014http://arstechnica.com/securit... [arstechnica.com]
As for the "nobody on the inside has ever leaked out." aspect try http://cryptome.org/2013-info/... [cryptome.org]
The "inside" can now be understood by aspects like "Drug Agents Use Vast Phone Trove, Eclipsing N.S.A.Ã(TM)s"http://www.nytimes.com/2013/09... [nytimes.com] ..."employees sit alongside Drug Enforcement Administration agents and local detectives and supply them with the phone data from as far back as 1987."
How past "parallel construction" and telco support will respond to any new "peer-to-peer and voice calling" will be interesting.
How did the US and UK get to past bespoke crypto telco hardware in the 1950's and beyond? Plain text always seemed to emerge just in time.

Leaving the conspiracy theories aside (indeed, who needs them, except strawman erectors) -- tell me, do you think for instance there were some average Janes and Joes that got rather a bad wrap, undeservedly so, during the housing and banking crises the other day?

We know-- for a fact-- that Skype has worked with the Chinese government to provide bugged versions of skype (TOM Skype). We know-- for a fact-- that Microsoft has access to provide call logs for law enforcement, on demand.

Call it what you like, but both of those are well documented and can be found in a 5 minute google search.

If you send traffic to a central server, and if the traffic is unencrypted OR is encrypted by a key you don't control then monitoring your traffic without you being to prove it is absolutely possible.

You *always* send data to servers you dont control when you transmit data over the public net, everybody already knows that and anybody that assumed any sort of privacy when transmitting data over a public network is a deluded fool, clearly you are in that category.

Decentralized services are a great idea, but there is one big flaw. Not enough people care about it to get a critical mass of users. Virtually everyone outside a handful of tech geeks will keep using the centralized services, so to talk to people out there in the real world, you'll need to use the centralized services too. Or, restrict yourself to these decentralized networks and find they are mostly empty, maybe several thousands of users across the whole of the world.

And good luck trying to explain to Joe/Jane Sixpack how to use them. You have to fight against the centralized data-mined services that came preinstalled on their devices, and that's a non-starter for most people.

It fails not for technical reasons. It fails because of widespread tech illiteracy in the general population.

Decentralized services are a great idea, but there is one big flaw. Not enough people care about it to get a critical mass of users.

There's a group of Hollywood celebrities that have just been made aware of the need for decentralized and more private internet services. I think people will care, albeit only after a problem has occured.

Do you think a single one of those celebrities will move to such a system?

I really think they will if it's the easiest option. It's up to developers to make encrypted, decentralized storage the default and easy to use. Build it and they willl come (pun half-heartedly intended.)

Step one is to have the big high-profile stories in the press about the problems. Step two is to have the big high-profile stories in the press about the alternatives. The important thing now is for anyone who is contacted by the press as an expert to ask about the iCloud hack to make it very clear that this isn't an Apple-specific problem, it's a problem inherent in the entire design of centralised services and to list alternatives.

There's a group of Hollywood celebrities that have just been made aware of the need for decentralized and more private internet services.

In that context what is the solution? Certainly not to host the services yourself. The security was beaten by a flaw in the server software that allowed a brute force attack to take place, so how does decentralization help you there?

Where "yourself" is one of a set of firms that specialize in very high security hosting for high-risk clients. Using an iphone locked them in to Apple's lowest-common denominator of secure hosting, and while that's great for the average low-value target, it isn't sufficient for someone with a lot to lose.

That's rubbish, you are not "locked" in to Apple's hosting, stop spreading FUD. You can quite easily turn off iCloud and use whatever service you want or no cloud storage at all, it is already decentralized. You are just swapping one supposedly secure service for another.

> You can quite easily turn off iCloud and use whatever service you want

I'm afraid I must say "good luck with that". The bar to replace services that are built into Iphones or Ipads by Apple, as a supported service and built directly into their operating systems, is quite high.

Not sure why, I don't need luck because it already works fine with services like DropBox and Skydrive or there's apps from western digital and synology. I could even use the APIs to write my own if I wanted to.

> I don't need luck because it already works fine with services like DropBox and Skydrive

Neither of these are focused on end-to-end user security. The centralized password management for both systems, and presence of most deposited contents unencrypted, are profound price savings and software simplifications for those companies. But it puts both systems at risk of precisely the sort of overseas, strong-arm warrant or subpoena that Microsoft is facing right now from US courts for email stored in Ireland

> Can you provide an alternative service that is "focused on end-to-end user security"?

No. That's partly because the barrier to entry is so high, which I did mention. So services like a Skype replacement, or full blown custmer-privacy-centered services, are quite difficult to get started. And services like Dropbox admit, themselves, that they are not immune from subpoenas. (See https://www.dropbox.com/transp... [dropbox.com] for what little they're permitted to publish about search warrants or subpoenas.)

Well firstly I was debunking the idea that with Apple you're locked to iCloud, which is false. Then I was asking what the alternative is and your response is that there isn't one and that some fantasy one with everything you want is likely not viable.

Name one system that does keychain backup/restore inside the standard apple interface.

Why would I want to do that? Saving my passwords (encrypted or not) to a cloud service sounds like a fantastically stupid idea. I'll save photos and videos there but passwords? No thank you, I have no need for that.

The BBC news article about the hack had a quote from one of the celebrities saying that the pictures had already been deleted before they were stolen. That is the problem with these services: they don't securely (or, at all) delete things. Google's deletion mechanism, for example, relies on simply not actively copying the files to newer disks so that when the old disks eventually die the files are gone. I wouldn't be surprised if Apple's works in a similar way. Even if you decide you don't trust Apple/Go

The device doesn't matter, it's the software. My 16gig iPhone has plenty of storage for my to do what I need/want without using cloud/off-device solutions. I don't need a device with sd cards. Software is the issue. The software I use IS going to send some information to a server SOMEWHERE for storage or re-routing - that is the problem. Having software that does proper peer-to-peer, fully encrypted with proper up-to-date encryption metho

Not much the average consumer can do about wire tap friendly products built into tame telco approved hardware and software as offered globally.
You can code a software layer into your consumer device that offers really good quality encryption.
The problem is not so much a back door, trap door, just that every letter and number entered on the device is open to hardware logging by default by a gov activated telco layer..
A person is walking around with a gps becon, live mic, camera and plain text capturing de

It fails not for technical reasons. It fails because of widespread tech illiteracy in the general population.

We've largely solved the issue with things like magnet links and decentralized databases.

The issue we still haven't solved is in our mind: We believe everyone needs to have "tech literacy", completely forgetting that every invention in history became successful only after someone made it easy to use for people without learning all the mechanical details about it. When only car mechanics could drive a car, the total number of cars in the world was less than that in your local shopping malls parking lot today

I don't use skype for a 'chat box.' Really, I hardly 'chat' at all anymore. Did enough of that in the late 80's to early 90's. I use skype as my long distance phone carrier. As long as I'm at home or have a wifi connection, I can call any phone in the continental US at no extra cost. This costs me about $4 a month. It's a nomadic sort of thing, I used to do it with an iPod touch, but now use an unsubscribed Android phone (the iPod touch 'for the rest of us', which even has an SD slot!). When home I make lon

'A lengthy new Guardian report claims Microsoft worked directly with the NSA by giving complete back door access to Outlook (and Hotmail), Skype and SkyDrive. The report basically says each service was easily circumvented in order to make the NSA’s job of sleuthing data incredibly easy, as if your private info was selling at a weekend garage sale. One NSA document even described the collaboration with Microsoft as a “team sport.”' ref [technobuffalo.com]

It could be handled like SSH: when you get an invite to connect to someone, their key fingerprint is displayed. If you are paranoid, you can verify the fingerprint via alternative channels. Otherwise, you blindly accept it. In either case, you are protected against man in the middle attacks after that first connection is made. Also, if you did accept a fake key, any time you try to talk to that person over a network where the man in the middle is not present will trigger a key mismatch, revealing that an at

A better approach would be to generate a random session key and each user's client would display some sort of hash (it doesn't need to be really long: 6 or 8 digits would suffice) of that key. Assuming the two parties know each other and recognize each other's voice and/or face, one of them can read the hash to the other. If there's a MITM attack, they won't match. As I said, the hash doesn't need to be long, since one mismatch would indicate trouble.

That was one of my first questions. The answer is; however you want. They provide an "easy" (hence vulnerable) method for doing so, but you can check the public key hash against your securely transferred value before approving a key if you want.

Or, slightly differently; this is not a key exchange system, just a comm system you can use once you have authenticated a key to your level of security requirement.

Like its file sharing predecessor KaZaa, Skype is an overlay peer-to-peer network. There are two types of nodes in this overlay network, ordinary hosts and super nodes (SN). An ordinary host is a Skype application that can be used to place voice calls and send text messages. A super node is an ordinary host’s end-point on the Skype network

Of course, the problem with the Skype system (as it was when that paper was written) is that the decentralised nature of the network means that your video call could be routed through any number of Skype network nodes (i.e. computers) before it arrives at its destination. I think now Microsoft has replaced most of the supernodes with microsoft servers, so replace "any number of Skype network nodes" with "any number of Microsoft servers".

Presumably Tox is doing something similar to going back to the roots of Skype, with maybe a bit more encryption thrown in.

I can attest to Skype doing this. A friend away moved away for graduate school and we would communicate using Skype, so I started just leaving the desktop application open. My computer is located in my bedroom, with a switch next to it. I woke up like 3am, see the lights FLASHING going all sorts of nuts on my switch, which was weird as I had nothing on my pc open at the time. I check net stat... i see a inbound and outbound connection, one to some SBC DSL user in Atlanta, another to a Comcast user somewhere else, forgot where, but some other state. I kill Skype. BAM, connections close, traffic resumes normal operation. Skype was using my computer as relay service, since I have active UNPN, and the other two client presumably had some sort of firewall blocking direct communication. To this day i tell *EVERYONE* who uses the Desktop app to close it as soon as they're done to prevent this as most home connections now have meters. (Charter's is 250gb/mo for 30mbit, which I hit 150gb+ some months when I was toying around with AOSP and downloading the entire repo a few times after screwing up a VM or something).

I have noiced the same thing on my skype in the past. I am fine with contributing some p2p bandwidth but wish the program was a bit more upfront about telling you about it.

On a separate but related issue, I used to use netstat for the same kind of thing you did, but now I run a program called nethogs, which is a command line tool a lot like top, but shows bandwidth usage by process in real time in more sane units like kb/s instead of the ugly packet buffer counts netstat uses which are kind of hard to read

Skype CAN and DOES read your messages, and quite probably your voice and video too.Send a text chat message with a unique one time URL to your own box in it over Skype, such as:http://yourbox.com/laks2312kjceieYou will see a bot fetch you. Skype scraped the link out of your so called privately encrypted chat.Google it if you don't believe me.SKYPE CANNOT BE TRUSTED, EVER!!NO CLOSED SOURCE CAN BE TRUSTED!!!!!Quit freaking using closed source, there's no reason to anymore.

I'm curious whether Skype changed to a more centralized service primarily because of the mobile world. Skype used to be a huge connection and battery hog on phones primarily because of the decentralized nature. Skype used to send messages through that were 'pending' to a contact even when your phone was in standby, because it was constantly trying to push the message to the user.

After microsoft acquired Skype, one of the first changes was this was removed, but it made it difficult to send messages sometim

Even just downloading and running it is a PITA. Click the flashy download button on the front page and you get to a crappy wiki page listing several "proof of concept clients" - pick one! Of course, if you look further in the Wiki you'll find that there's about a dozen other clients as well, and none with the complete feature set. So now we have gone from downloading and installing to reading, studying, pondering and failing... great way to make people use your software!

Since the earliest days of USENET and IRC Chat, the geek has a flawless record of making one-on-one communication over the Internet as painful a process as possible for the non-technical user.

Don't be facetious. One-on-one communication could be much more painful. In the specific case of secure (ie: end-to-end encrypted) communication, Tox is approaching the theoretical limit of simplicity. Key exchange has a mathematically bound minimum complexity in order to be secure. The reason Skype is not secure is pr

It always seemed we could at least sandbox Skype as a limited unique user, but 4.3 requires Pulse and pulse is increasingly the de facto sound system over alsa. Correct me if I'm wrong but doesn't pulse running at the user level only allow ONE user and system-wide utilization is vehemently discouraged by the developers for SECURITY reasons? If so, it seems like Microsoft and the NSA have worked out a way to p0wn any linux box where a person has installed a working 4.3 Skype.

Just tried to install it after adding the PPA and it's missing mysterious dependencies, thus cannot be installed. Rubbish. Promotion should offer an incentive, not a host of obstructions! Back to Jitsi, cunts.

Easy way to make this much more useable is to keep the current user rendezvous infrastructure, but use a layer on top for key exchange that goes through user-elected central servers.The entire Moxie Marlinspike's trust agility thesis. Let the users choose the central entity that they trust for making the rendezvous via a plugin or a high level protocol layer - something as simple as a REST api over https. Every trust provider just has to provide an API endpoint for signing and exchanging keys.

I discuss similar stuff with people. You have a few that don't care but you also have many that are getting wrong advice. Many were told that legally they can't highly secure their cell phones, computers, tablets, etc. Plus a few even said that to be as secure as possible will have them put under suspicion of illegal activities and they don't want that kind of attention.I believe security is good if it accomplishes what it is intended for. But many that are not secure because for a decade they were tol

I get what you are saying, but exposing IP addresses to 3rd parties isn't typically desirable.

Case in point, I don't have your IP address. And you don't have mine.

Sure email works like that (although possibly less so in current era with gmail and such, then again maybe not), but many services don't. Sure, the service provider --- the middleman --- has access to that, but the other users don't.

I don't have your IP, you don't have mine. The 3rd party in the middle does. There is a single point where all interaction with Slashdot can be intercepted.

I get what you are saying, but exposing IP addresses to 3rd parties isn't typically desirable.

What? That's exactly what you're advocating.

The flaw in the system is the central server.

Email works fine how it is, because of the requirement to store messages when recipients are offline. Yet it still doesn't suffer the problem of all messages going through a single entity. You're free to connect directly to the recipients mail server. You're not forc

remailers and nyms can do it for email. Unfortunately you get a lot of latency, sometimes added on purpose for extra security (to prevent tracking by timing)
You encrypt reply blocks that have nested instructions to send the also-encrypted message along. Each server can only decrypt their own portion.
With two servers between you, neither end point knows the other end point. Servers in different countries may be used in series.
You can assemble such a reply block and attach it to anonymously sent emails or

As with nearly everything in life, privacy and security are not all-or-nothing, black-or-white issues - instead it is a set of trade-offs, what do you have to give up in order to get a desired result. It is at least a 2-dimensional spectrum where limiting exposure to the minimum necessary nodes versus any node that takes an interest is preferrable.

Look at it this way - most people don't have a problem giving their credit card number to a website when they make a purchase but would not find it acceptable to

A legitimate concern? Man! I want some of what you've been smoking, buddy!

I'd be really interested to know how one can send and receive data across the Internet without sharing your IP address with each intervening router, as well as the endpoint. I've been doing IP networking (since you're obviously rather thick, I'll explain that IP is the Internet Protocol which is the basis for all communications across the Internet. You can find out more with the TCP/IP Tutorial [ietf.org] and the Internet Protocol Specificat [ietf.org]

On slashdot, your IP doesnt get exposed to everyone, silly. It only gets exposed to slashdot (and routers in between if you are not using SSL). Finding your IP (and hence your location), by just your name viperidaenz, is a little bit worrying and a valid concern. If you dont find it worrying, you should start signing each of your slashdot posts with your current IP.

Skype already leaks your IP anyway (both to active callers and to anyone that requests it as long as they know your username.)It's common knowledge in live streaming that you should hide your skype username when streaming to prevent DoS attacks.

You have to be seriously insane to even consider trying to do real time video over something akin to Bittorrent.

A few months ago, I would have agreed with you. But I've been using the PopcornTime [time4popcorn.eu] app since then, and it reliably delivers HD streams with few if any stutters. There's no reason to believe a single (video+)voice stream wouldn't be possible using a similar approach....